diff --git a/examples/default.nix b/examples/default.nix index 418efad..0e87f62 100644 --- a/examples/default.nix +++ b/examples/default.nix @@ -19,28 +19,25 @@ in inherit system; modules = [ dummy - { + ({ pkgs, ... }: { services.buildbot-nix.master = { enable = true; domain = "buildbot2.thalheim.io"; - workersFile = "/var/lib/secrets/buildbot-nix/workers.json"; + workersFile = pkgs.writeText "workers.json" '' + [ + { "name": "eve", "pass": "XXXXXXXXXXXXXXXXXXXX", "cores": 16 } + ] + ''; github = { - tokenFile = "/var/lib/secrets/buildbot-nix/github-token"; - webhookSecretFile = "/var/lib/secrets/buildbot-nix/github-webhook-secret"; - oauthSecretFile = "/var/lib/secrets/buildbot-nix/github-oauth-secret"; + tokenFile = pkgs.writeText "github-token" "ghp_000000000000000000000000000000000000"; + webhookSecretFile = pkgs.writeText "webhookSecret" "00000000000000000000"; + oauthSecretFile = pkgs.writeText "oauthSecret" "ffffffffffffffffffffffffffffffffffffffff"; oauthId = "aaaaaaaaaaaaaaaaaaaa"; user = "mic92-buildbot"; admins = [ "Mic92" ]; }; }; - services.nginx.virtualHosts."buildbot2.thalheim.io" = { - enableACME = true; - forceSSL = true; - }; - networking.firewall.allowedTCPPorts = [ 80 443 ]; - security.acme.acceptTerms = true; - security.acme.defaults.email = "joerg.acme@thalheim.io"; - } + }) buildbot-nix.nixosModules.buildbot-master ]; }; @@ -48,12 +45,12 @@ in inherit system; modules = [ dummy - { + ({ pkgs, ... }: { services.buildbot-nix.worker = { enable = true; - workerPasswordFile = "/var/lib/secrets/buildbot-nix/worker-password"; + workerPasswordFile = pkgs.writeText "worker-password-file" ""; }; - } + }) buildbot-nix.nixosModules.buildbot-worker ]; }; diff --git a/nix/checks/master.nix b/nix/checks/master.nix index 1a951aa..0534b2d 100644 --- a/nix/checks/master.nix +++ b/nix/checks/master.nix @@ -2,18 +2,22 @@ name = "from-nixos"; nodes = { # `self` here is set by using specialArgs in `lib.nix` - node1 = { self, ... }: { + node1 = { self, pkgs, ... }: { imports = [ self.nixosModules.buildbot-master ]; services.buildbot-nix.master = { enable = true; domain = "buildbot2.thalheim.io"; - workersFile = "/var/lib/secrets/buildbot-nix/workers.json"; + workersFile = pkgs.writeText "workers.json" '' + [ + { "name": "eve", "pass": "XXXXXXXXXXXXXXXXXXXX", "cores": 16 } + ] + ''; github = { - tokenFile = "/var/lib/secrets/buildbot-nix/github-token"; - webhookSecretFile = "/var/lib/secrets/buildbot-nix/github-webhook-secret"; - oauthSecretFile = "/var/lib/secrets/buildbot-nix/github-oauth-secret"; + tokenFile = pkgs.writeText "github-token" "ghp_000000000000000000000000000000000000"; + webhookSecretFile = pkgs.writeText "webhookSecret" "00000000000000000000"; + oauthSecretFile = pkgs.writeText "oauthSecret" "ffffffffffffffffffffffffffffffffffffffff"; oauthId = "aaaaaaaaaaaaaaaaaaaa"; user = "mic92-buildbot"; admins = [ "Mic92" ]; diff --git a/nix/master.nix b/nix/master.nix index c0c0525..e06edd8 100644 --- a/nix/master.nix +++ b/nix/master.nix @@ -130,6 +130,7 @@ in ps.treq ps.psycopg2 (ps.toPythonModule pkgs.buildbot-worker) + ps.setuptools pkgs.buildbot-plugins.www pkgs.buildbot-plugins.www-react pkgs.buildbot-plugins.console-view diff --git a/nix/worker.nix b/nix/worker.nix index 8f968f0..73079a5 100644 --- a/nix/worker.nix +++ b/nix/worker.nix @@ -25,7 +25,7 @@ in description = "The buildbot master url."; }; workerPasswordFile = lib.mkOption { - type = lib.types.str; + type = lib.types.path; description = "The buildbot worker password file."; }; };